updated ingresses for homepage and glance
This commit is contained in:
@@ -1,6 +1,6 @@
|
|||||||
# Glance Dashboard for Orsi
|
# Glance Dashboard for Orsi
|
||||||
# Namespace: glance-system
|
# Namespace: glance-system
|
||||||
# Domain: home.dooplex.hu
|
# Domain: orsi.dooplex.hu
|
||||||
# Version: v0.8.4
|
# Version: v0.8.4
|
||||||
#
|
#
|
||||||
# Features:
|
# Features:
|
||||||
@@ -15,9 +15,9 @@
|
|||||||
# - Calendar widget
|
# - Calendar widget
|
||||||
#
|
#
|
||||||
# Authentik Integration:
|
# Authentik Integration:
|
||||||
# 1. Create Application: "Glance Home"
|
# 1. Create Application: "Glance Orsi"
|
||||||
# 2. Create Provider: Proxy Provider with external host https://home.dooplex.hu
|
# 2. Create Provider: Proxy Provider with external host https://orsi.dooplex.hu
|
||||||
# 3. Create Outpost: glance-home-outpost
|
# 3. Create Outpost: glance-outpost
|
||||||
# 4. Update auth-url annotation with actual outpost service name
|
# 4. Update auth-url annotation with actual outpost service name
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
@@ -739,7 +739,7 @@ metadata:
|
|||||||
app.kubernetes.io/instance: glance-orsi
|
app.kubernetes.io/instance: glance-orsi
|
||||||
annotations:
|
annotations:
|
||||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||||
external-dns.alpha.kubernetes.io/hostname: home.dooplex.hu
|
external-dns.alpha.kubernetes.io/hostname: orsi.dooplex.hu
|
||||||
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
||||||
nginx.ingress.kubernetes.io/proxy-buffer-size: "16k"
|
nginx.ingress.kubernetes.io/proxy-buffer-size: "16k"
|
||||||
nginx.ingress.kubernetes.io/proxy-buffers-number: "4"
|
nginx.ingress.kubernetes.io/proxy-buffers-number: "4"
|
||||||
@@ -747,7 +747,7 @@ metadata:
|
|||||||
# Authentik Forward Auth annotations
|
# Authentik Forward Auth annotations
|
||||||
# TODO: Update 'glance-home-outpost' with your actual outpost name after creating in Authentik
|
# TODO: Update 'glance-home-outpost' with your actual outpost name after creating in Authentik
|
||||||
nginx.ingress.kubernetes.io/auth-url: http://ak-outpost-glance-outpost.auth-system.svc.cluster.local:9000/outpost.goauthentik.io/auth/nginx
|
nginx.ingress.kubernetes.io/auth-url: http://ak-outpost-glance-outpost.auth-system.svc.cluster.local:9000/outpost.goauthentik.io/auth/nginx
|
||||||
nginx.ingress.kubernetes.io/auth-signin: https://home.dooplex.hu/outpost.goauthentik.io/start?rd=$escaped_request_uri
|
nginx.ingress.kubernetes.io/auth-signin: https://orsi.dooplex.hu/outpost.goauthentik.io/start?rd=$escaped_request_uri
|
||||||
nginx.ingress.kubernetes.io/auth-response-headers: Set-Cookie,X-authentik-username,X-authentik-groups,X-authentik-email
|
nginx.ingress.kubernetes.io/auth-response-headers: Set-Cookie,X-authentik-username,X-authentik-groups,X-authentik-email
|
||||||
nginx.ingress.kubernetes.io/auth-snippet: |
|
nginx.ingress.kubernetes.io/auth-snippet: |
|
||||||
proxy_set_header X-Forwarded-Host $http_host;
|
proxy_set_header X-Forwarded-Host $http_host;
|
||||||
@@ -762,7 +762,7 @@ metadata:
|
|||||||
spec:
|
spec:
|
||||||
ingressClassName: nginx-internal
|
ingressClassName: nginx-internal
|
||||||
rules:
|
rules:
|
||||||
- host: home.dooplex.hu
|
- host: orsi.dooplex.hu
|
||||||
http:
|
http:
|
||||||
paths:
|
paths:
|
||||||
- path: /
|
- path: /
|
||||||
@@ -774,37 +774,6 @@ spec:
|
|||||||
number: 8080
|
number: 8080
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
- home.dooplex.hu
|
- orsi.dooplex.hu
|
||||||
secretName: glance-tls
|
secretName: glance-tls
|
||||||
---
|
---
|
||||||
# Alternative Ingress WITHOUT Authentik (for testing)
|
|
||||||
# Uncomment this and comment out the above ingress if you want to test without auth first
|
|
||||||
# apiVersion: networking.k8s.io/v1
|
|
||||||
# kind: Ingress
|
|
||||||
# metadata:
|
|
||||||
# name: glance-noauth
|
|
||||||
# namespace: glance-system
|
|
||||||
# labels:
|
|
||||||
# app.kubernetes.io/name: glance
|
|
||||||
# app.kubernetes.io/instance: glance-orsi
|
|
||||||
# annotations:
|
|
||||||
# cert-manager.io/cluster-issuer: letsencrypt-prod
|
|
||||||
# external-dns.alpha.kubernetes.io/hostname: home.dooplex.hu
|
|
||||||
# nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
|
||||||
# spec:
|
|
||||||
# ingressClassName: nginx-internal
|
|
||||||
# rules:
|
|
||||||
# - host: home.dooplex.hu
|
|
||||||
# http:
|
|
||||||
# paths:
|
|
||||||
# - path: /
|
|
||||||
# pathType: Prefix
|
|
||||||
# backend:
|
|
||||||
# service:
|
|
||||||
# name: glance
|
|
||||||
# port:
|
|
||||||
# number: 8080
|
|
||||||
# tls:
|
|
||||||
# - hosts:
|
|
||||||
# - home.dooplex.hu
|
|
||||||
# secretName: glance-tls
|
|
||||||
|
|||||||
@@ -518,7 +518,7 @@ metadata:
|
|||||||
app.kubernetes.io/instance: homepage-orsi
|
app.kubernetes.io/instance: homepage-orsi
|
||||||
annotations:
|
annotations:
|
||||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||||
external-dns.alpha.kubernetes.io/hostname: orsi.dooplex.hu
|
external-dns.alpha.kubernetes.io/hostname: orsihome.dooplex.hu
|
||||||
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
||||||
nginx.ingress.kubernetes.io/proxy-buffer-size: "16k"
|
nginx.ingress.kubernetes.io/proxy-buffer-size: "16k"
|
||||||
nginx.ingress.kubernetes.io/proxy-buffers-number: "4"
|
nginx.ingress.kubernetes.io/proxy-buffers-number: "4"
|
||||||
@@ -526,7 +526,7 @@ metadata:
|
|||||||
# Authentik Forward Auth annotations
|
# Authentik Forward Auth annotations
|
||||||
# Update 'homepage-outpost' with your actual outpost name
|
# Update 'homepage-outpost' with your actual outpost name
|
||||||
nginx.ingress.kubernetes.io/auth-url: http://ak-outpost-homepage-orsi-outpost.auth-system.svc.cluster.local:9000/outpost.goauthentik.io/auth/nginx
|
nginx.ingress.kubernetes.io/auth-url: http://ak-outpost-homepage-orsi-outpost.auth-system.svc.cluster.local:9000/outpost.goauthentik.io/auth/nginx
|
||||||
nginx.ingress.kubernetes.io/auth-signin: https://orsi.dooplex.hu/outpost.goauthentik.io/start?rd=$escaped_request_uri
|
nginx.ingress.kubernetes.io/auth-signin: https://orsihome.dooplex.hu/outpost.goauthentik.io/start?rd=$escaped_request_uri
|
||||||
nginx.ingress.kubernetes.io/auth-response-headers: Set-Cookie,X-authentik-username,X-authentik-groups,X-authentik-email
|
nginx.ingress.kubernetes.io/auth-response-headers: Set-Cookie,X-authentik-username,X-authentik-groups,X-authentik-email
|
||||||
nginx.ingress.kubernetes.io/auth-snippet: |
|
nginx.ingress.kubernetes.io/auth-snippet: |
|
||||||
proxy_set_header X-Forwarded-Host $http_host;
|
proxy_set_header X-Forwarded-Host $http_host;
|
||||||
@@ -539,7 +539,7 @@ metadata:
|
|||||||
spec:
|
spec:
|
||||||
ingressClassName: nginx-internal
|
ingressClassName: nginx-internal
|
||||||
rules:
|
rules:
|
||||||
- host: orsi.dooplex.hu
|
- host: orsihome.dooplex.hu
|
||||||
http:
|
http:
|
||||||
paths:
|
paths:
|
||||||
- path: /
|
- path: /
|
||||||
@@ -551,6 +551,6 @@ spec:
|
|||||||
number: 3000
|
number: 3000
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
- orsi.dooplex.hu
|
- orsihome.dooplex.hu
|
||||||
secretName: homepage-orsi-tls
|
secretName: homepage-orsi-tls
|
||||||
---
|
---
|
||||||
|
|||||||
Reference in New Issue
Block a user